Sherman's Security Blog
I am Sherman Hand. (also known as Policysup) I have created this blog and will use a part of my day to write about what is going on in the world. I hope to discuss things in a down to earth and practical way. I hope to hear back from you on your thoughts. I do not in any way intend to speak for my employer. The content of this blog will be either opinions that are strictly mine, general observations,re posts, or information that is already in the public domain.

Microsoft has ended support for older versions of Internet Explorer, sending a clear message: It’s time for enterprises to adopt the latest version of all its products.

If you weren’t paying attention last week, let me bring you up to date. As of January 12, 2016, only the most current version of Internet Explorer will receive technical support and security updates from Microsoft. Internet Explorer 11 is the most current version, so you might want to check which version is being used in your enterprise.

The move to drop support for older versions of Internet Explorer should come as no surprise to anyone. It should be obvious by now that Microsoft’s strategy is to move enterprises beyond any legacy versions of its software. Microsoft is moving forward and if you don’t follow, you will be left behind.

Change

Dropping support for older versions of IE is just the latest move in what has become a well-established strategic pattern. Whether it is Windows, Office, Azure, or Internet Explorer, Microsoft wants all business enterprises to be using the latest versions of its software. Of course, that has always been the case—but there is a twist now.

In the past, Microsoft was willing to make allowances for enterprises that wished to stick with older tried-and-true versions of its software. However, Microsoft has made it quite clear that it will not be doing that anymore. If your enterprise wants to keep using Windows XP and Office XP, it will have to do so on its own. Essentially, Microsoft is washing its hands of all responsibility.

The change in strategy makes total sense, at least from Microsoft’s perspective. Trying to maintain three, four, and sometimes five versions of its software has taken a toll on Microsoft’s ability to innovate and adjust to changing industry standards, trends, and business needs. Microsoft is eliminating the weight of legacy support to streamline its business.

Kicking and screaming

The day support was cut off for older versions of IE, I saw several complaints from enterprises running specific applications designed to work exclusively with IE9. First of all, I never understood why enterprises tied themselves to one specific third-party application for which they have no control. But beyond that, why are those enterprises still using Internet Explorer 9 at all? For that matter, why are those enterprises running a critical application tied to any specific browser?

In the end, the reason your enterprise is refusing to join the rest of us in the 21st century is really not important. So you can kick and scream, throw a tantrum on the discussion forums, and whine about evil intentions, but it is not going to change anything. Microsoft has made it clear—it doesn’t care about legacy support anymore.

Bottom line

I have made this argument in the past, but I think it is worth repeating. Running outdated and unsupported software in an enterprise, especially when you have been specifically warned not to, and extra especially when an alternative is available, is irresponsible, dangerous, and frankly, stupid.

When your Windows XP systems get hacked and all your customer information is stolen, and Scott Pelly and 60 Minutes shows up at your door to ask, “What were you thinking?” don’t blame it on Microsoft because it is going to be all your fault.